CVE-2007-4786

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information.
References
Configurations

Configuration 1

cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*

Information

Published : 2007-09-10 09:17

Updated : 2018-10-30 04:25


NVD link : CVE-2007-4786

Mitre link : CVE-2007-4786

Products Affected
No products.
CWE
CWE-319

Cleartext Transmission of Sensitive Information